Trend Micro’s Rik Ferguson blogs about current security issues.

Egypt: The Plague of Darkness

“Everyone has the right to freedom of opinion and expression; this right includes freedom to hold opinions without interference and to seek, receive and impart information and ideas through any media and regardless of frontiers.” – Universal Declaration of Human Rights 1948 – Article 19

Credit: Arbor Networks

At approximately 10:30 UTC last night, the internet in Egypt began to go dark. Many of the major ISPs have disappeared completely from the internet including LINKdotNET, Raya Telecom, Internet Egypt, Vodafone Egypt and IDSC. Most of the remaining service providers also have significantly less connectivity than at this time yesterday. The only ISP who currently appears unaffected is Noor Data Networks who remain resolutely 100% available. This is the provider used by the Egyptian Stock Exchange. The availability of this network and normal connectivity to the rest of the geographic region demonstrates that this is not a cut cable or other physical outage.

Even the National Telecoms Regulatory Agency is currently unreachable as are most major news outlets, schools, businesses and official and unofficial information sources. SANS are reporting that external access to resolve any address in the .eg domain is inaccesible. From my own tests, the top-level domain server at the Egyptian Universities Network cannot be resolved over DNS and does not respond to communications over TCP/IP, illustrating the effectiveness of this total shutdown using both Domain Name System (DNS) and Border Gateway Protocol (BGP) approaches. DNS is the protocol used to translate human readable wed addresses into numeric IP addresses and BGP is the protocol that Internet Service Providers use to advertise the IP addresses for which they are responsible.

This sudden severing of internet connectivity appears to have all occurred at a similar time and the assumption must be that it is a part of officially sanctioned tactics to attempt to contain the growing political unrest in the country. The crackdown first started with the censoring of social network in the country but as Iran learned, determined people quickly find ways around this with help from the outside world.

If indeed this action is officially directed then it would seem that the regime in Egypt has learned lessons from the Iranian attempts to censor communications there last year and taken even more drastic measures. This action is unprecedented in internet history.

Currently Egypt is effectively isolated from the internet and anecdotal reports are that similar action has been taken against mobile phone networks disrupting telephone and text communications.

Appeals are being made for amateur radio enthusiasts to lend their support in giving a means of communication with the outside world back to the Egyptian population.